Fortinet Security Fabric earns breach prevention rating from NSS Labs

NSS Labs unveiled a new test of Breach Prevention System (BPS) technologies in December 2017, designed to assess the ability of security solutions not only to detect but also to actually prevent unknown (and little-known) threats within 15 minutes. This is a critical capability for organizations concerned with today’s sophisticated threats, especially for IT teams that are accountable for securing business initiatives and yet are too understaffed to provide continuous monitoring, investigation, and manual response to security incidents.

What this new testing process found (among other things) is that the Fortinet Security Fabric – with its integration of advanced threat detection into a broad set of security solutions deployed across the distributed attack surface – dramatically changes the game from traditionally time-consuming detection and response to automated and highly granular detection, prevention, and response. Specifically, the Fortinet solution – comprising FortiSandbox, FortiGate, FortiMail, and FortiClient – demonstrated a block rate of 99.6%, with 0 false positives.

Failure is the Mother of Success. How true that is when applied to cyber threats. Every failed and half-baked cyber campaign contributes to the evolution of these attacks, both in terms of sophistication and persistence, which is why attacks today are so difficult to detect and repel. We are now increasingly seeing complex, exploit-driven malware combined with automated, self-evolving, and persistent attacks delivered via a wide range of attack vectors, including phishing, malvertising, worms, infected watering holes, and more, to establish a toehold within an organization. In fact, Verizon’s 2017 DBIR shows that 99% of all malware is distributed over email and web. Combine this with a rapidly evolving network ecosystem of clouds, mobile devices, IoT, and applications, and today’s understaffed IT security teams have their hands full managing a multitude of disparate security policies, isolated security products, management consoles, and alerts. It can certainly be overwhelming at times. To respond effectively, defense systems need to evolve as well.

So Does Technology

Fortinet built the Security Fabric to augment an organization’s security architecture to correlate threat intelligence to quickly identify sophisticated and highly evasive threats, simplify threat response management, and accelerate threat response times. This begins by providing protection across a broad set of threat vectors through the integration of Fortinet and non-Fortinet products so they can share local and global threat intelligence through a central intelligence hub. Second, fully automating the prevent-detect-mitigate lifecycle across the entire attack surface not only provides an effective mechanism to counter even highly automated attacks, it also goes a long way towards solving the cyber security talent shortage.

Breach Prevention vs. Detection

The advent of this new group test from NSS reflects the fundamental maturation of advanced threat capabilities, requiring security to expand beyond detection to detection and prevention. Over the past four years of BDS testing, we have seen solutions improve significantly in terms of accuracy and efficacy as well as affordability. The maturation of this technology is reflected in the results of this new Breach Prevention test.

Keep in mind that an organization’s security posture determines how the prevent-detect-mitigate threat response lifecycle is applied. Some organizations have a higher risk tolerance and focus more on user productivity and experience, while others are more risk averse and fully aware of the small burden of inconvenience this places on their users. By default, Fortinet ATP solutions such as email and endpoint security integrated with the sandbox allow users to run their day-to-day applications and automatically apply mitigating actions based on sandbox detections. However, a good security practice for eliminating “patient zero” is to allow pre-inspection before users have access, and this is easily enabled via the one-click “hold for sandbox” option in our solutions.

An important nuance between BPS and BDS

The BDS group test measures the detection of exploits, malware, and evasions within 24 hours, which is used to calculate the security effectiveness in the BDS Security Value Map (SVM). The BPS group test, on the other hand, focuses on blocking exploits, malware, and evasions within a 15-minute window, which is used to calculate the security effectiveness in the BPS Security Value Map (SVM). Furthermore, the BPS total cost of ownership calculation factors in samples that were additionally detected by the solution, since detection helps reduce the operational burden associated with the cost of remediating infections and breaches.

Proven Technology

For this new, rigorous BPS test, Fortinet submitted FortiGate, FortiMail, FortiClient, and FortiSandbox, which are all part of the Fortinet Security Fabric solution. Based on the default configurations of our solution, the NSS Labs BPS result highlights include:

FortiSandbox had already proven itself effective in the 2017 BDS test with a 99% Breach Detection rate, earning a Recommended rating four out of four years. And now, integrated with other Security Fabric components – namely, FortiGate, FortiMail, and FortiClient – it has achieved another NSS Recommended award with this latest 2017 BPS test. This latest accolade, combined with our growing list of Recommended awards for other Fortinet solutions, is a testament not only to Fortinet’s commitment to independent testing, but also an assurance that we are committed to continually evolving Fortinet’s Security Fabric technologies to enable organizations to securely achieve their digital transformation objectives.
